The Lazarus Group’s Involvement in the Recent CoinEx Crypto Exchange Hack

In a shocking revelation, cybersecurity firm SlowMist and on-chain analyst ZachXBT have uncovered the involvement of the notorious North Korean hacker group, Lazarus Group, in the recent CoinEx crypto exchange hack. This discovery sheds light on the increasingly sophisticated tactics employed by cybercriminals in the cryptocurrency world.

On September 12, 2023, CoinEx’s Risk Control System detected suspicious activity involving irregular withdrawals from its hot wallet addresses. The exchange promptly launched an investigation and discovered unauthorized transactions involving Ethereum (ETH), Tron (TRON), and Polygon (MATIC). Although the exact amount of the stolen funds was initially uncertain, SlowMist has since confirmed that approximately $55.5 million was taken.

More recently, CoinEx identified additional suspicious wallet addresses across various blockchains, indicating a wider scope of the breach. These addresses were found on Binance Smart Chain (BSC), ARB, OP, and XLM.

CoinEx reassured its users that the stolen funds represented only a small fraction of the exchange’s total assets. The exchange also emphasized the security of users’ assets and pledged full compensation to those affected by the hack. To ensure the safety of its platform, CoinEx temporarily suspended deposit and withdrawal services and committed to conducting a comprehensive review before resuming normal operations.

The investigation conducted by SlowMist unraveled the connection between the CoinEx hack and previous cyberattacks attributed to the Lazarus Group. Two hacker addresses identified as the Stakecom Exploiter were uncovered on BSC and Polygon. These addresses, along with an associated hack on Stake, pointed to the involvement of the Lazarus Group.

On-chain analyst ZachXBT, known for his investigative expertise, further corroborated the link between the recent CoinEx hack and a previous $41 million Stake hack. This critical finding provides significant evidence of the Lazarus Group’s potential involvement.

Interestingly, the Lazarus Group initiated the movement of assets from the Stake hack today. They transferred Binance Coin (BNB) to various ChangeNOW custodian addresses, employing platforms like TransitSwap, SwftSwap, SquidRouter, and OKX-DEX. The hackers used TransitSwap to exchange BNB for USDT-BEP20 on PancakeSwap and subsequently transferred the funds to the crypto exchange MEXC.

The Lazarus Group’s exploits in the cryptocurrency space have amounted to billions of dollars, demonstrating the urgent need for enhanced security measures within the blockchain industry. Authorities in South Korea are intensifying efforts to prevent North Korea from using these illicit funds for alleged illegal weapons programs.

Despite the shocking news, the broader crypto market has remained resilient. The total crypto market cap currently stands at $1.020 trillion, encountering a crucial resistance level at $1.022 trillion.
